cpe:/a:commodityrentals:video_games_rentals CVE-2010-0690 2010-02-23T13:30:00.437-05:00 2017-08-16T21:32:04.273-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-02-24T09:00:00.000-05:00 EXPLOIT-DB 11409 SECUNIA 38555 OSVDB 62295 MISC http://packetstormsecurity.org/1002-exploits/videogamesrental-sql.txt XF videogames-index-sql-injection(56226) SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action.